From bc8a4e188b97f51f13f77b96a40b66f7515c9ed8 Mon Sep 17 00:00:00 2001
From: Tomasz Wrobel <tomasz.wrobel@nokia.com>
Date: Thu, 18 Aug 2022 17:05:36 +0200
Subject: Fix PM-mapper Vulnerabilities

- Update io.undertow:undertow-core to version 2.2.17.Final
- Update dcae-sdk to version 1.8.10
- Update io.projectreactor:reactor-core to version 3.4.21

Issue-ID: DCAEGEN2-3218
Signed-off-by: Tomasz Wrobel <tomasz.wrobel@nokia.com>
Change-Id: Ib62abc496abc8b83efdda15062dc887494f9ffa8
---
 Changelog.md | 4 ++++
 pom.xml      | 8 +++++---
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/Changelog.md b/Changelog.md
index c38af1f..cf587f1 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -6,6 +6,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
 
 ## [1.9.0] - 2022/05/13
 ### Changed
+- [DCAEGEN2-3218] Fix vulnerabilities:
+  - Update io.undertow:undertow-core to version 2.2.17.Final
+  - Update dcae-sdk to version 1.8.10
+  - Update io.projectreactor:reactor-core to version 3.4.21
 - [DCAEGEN2-3037] Disable TLS in DataRouter (CSIT)
 - [DCAEGEN2-3182] Extend development tools
 
diff --git a/pom.xml b/pom.xml
index 66c5132..f5999a5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -46,15 +46,15 @@
         <lombok.version>1.18.4</lombok.version>
         <sl4j.version>1.7.25</sl4j.version>
         <logback.version>1.2.10</logback.version>
-        <reactor.version>3.4.0</reactor.version>
-        <undertow.version>2.2.16.Final</undertow.version>
+        <reactor.version>3.4.21</reactor.version>
+        <undertow.version>2.2.17.Final</undertow.version>
         <gson.version>2.8.9</gson.version>
         <freemarker.version>2.3.31</freemarker.version>
         <commons.io.version>2.8.0</commons.io.version>
         <xml.version>2.3.1</xml.version>
         <jaxb.version>2.3.0.1</jaxb.version>
         <!-- DCAE SDK -->
-        <sdk.version>1.8.8</sdk.version>
+        <sdk.version>1.8.10</sdk.version>
         <!-- Testing Test Dependencies -->
         <junit.version>5.3.2</junit.version>
         <mockito.version>2.23.4</mockito.version>
@@ -94,6 +94,8 @@
         <ext.dep.dir.path>${dep.dir.name}/external</ext.dep.dir.path>
 
         <docker-image.tag.latest>latest</docker-image.tag.latest>
+        <!--Skip gerrit review rules-->
+        <onap-gerrit-review>-missing-package-json</onap-gerrit-review>
     </properties>
 
     <dependencies>
-- 
cgit 1.2.3-korg